ICYMI: 2025-12-09
Latest Headlines
North Korea-linked Actors Exploit React2Shell to Deploy New EtherRAT Malware
Four Threat Clusters Using CastleLoader as GrayBravo Expands Its Malware Service Infrastructure
Storm-0249 Escalates Ransomware Attacks with ClickFix, Fileless PowerShell, and DLL Sideloading
How to Streamline Zero Trust Using the Shared Signals Framework
Google Adds Layered Defenses to Chrome to Block Indirect Prompt Injection Threats
STAC6565 Targets Canada in 80% of Attacks as Gold Blade Deploys QWCrypt Ransomware
Researchers Find Malicious VS Code, Go, npm, and Rust Packages Stealing Developer Data
Microsoft Names New Operating CISOs in Strategic Move to Strengthen Cyberdefense
Prime Security Raises $20 Million to Build Agentic Security Architect
Identity Security Firm Saviynt Raises $700 Million at $3 Billion Valuation
Proofpoint Completes $1.8 Billion Acquisition of Hornetsecurity
FortiOS, FortiWeb, and FortiProxy Vulnerability Lets Attackers Bypass FortiCloud SSO Authentication
Microsoft December 2025 Patch Tuesday – 56 Vulnerabilities Fixed Including 3 Zero-days
Makop Ransomware Exploits RDP Systems with AV Killer and Other Exploits
Threat Actors Poisoning SEO Results to Attack Organizations With Fake Microsoft Teams Installer
Ivanti Security Update: Patch for Code Execution Vulnerabilities in Endpoint Manager
GOLD BLADE Using Custom QWCrypt Locker that Allows Data Exfiltration and Ransomware Deployment
Ransomware Targeting Hyper-V and VMware ESXi Surges as Akira Group Exploits System Vulnerabilities
See Cyber Threats to Your Company’s Industry & Region in 2 Seconds
Microsoft Teams New feature Allows Users to Flag Malicious Calls
Critical Emby Server Vulnerability Let Attackers Gain Admin Access
SAP fixes three critical vulnerabilities across multiple products
Windows PowerShell now warns when running Invoke-WebRequest scripts
Microsoft releases Windows 10 KB5071546 extended security update
Microsoft December 2025 Patch Tuesday fixes 3 zero-days, 57 flaws
Fortinet warns of critical FortiCloud SSO login auth bypass flaws
Windows 11 KB5072033 & KB5071417 cumulative updates released
Ivanti warns of critical Endpoint Manager code execution flaw
Spain arrests teen who stole 64 million personal data records
North Korean hackers exploit React2Shell flaw in EtherRAT malware attacks
Microsoft investigates Copilot outage affecting users in Europe
Ransomware gangs turn to Shanya EXE packer to hide EDR killers
– MTZ